exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2023-01-13

tcpdump 4.99.3
Posted Jan 13, 2023
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: One update to printers, a modification to smbutil.c, 9 building and testing changes along with 5 documentation changes.
tags | tool, sniffer
systems | unix
SHA-256 | ad75a6ed3dc0d9732945b2e5483cb41dc8b4b528a169315e499c6861952e73b3
libpcap 1.10.3
Posted Jan 13, 2023
Site tcpdump.org

Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.

Changes: Under the source code, they sorted the PUBHDR variable in Makefile.in in "ls" order, fixed a typo in comment in pflog.h, removed two no-longer-present files from .gitignore, and updated code and comments for handling failure to set promiscuous mode based on new information. Various updates to the building and testing process.
tags | library
systems | unix
SHA-256 | 2a8885c403516cf7b0933ed4b14d6caa30e02052489ebd414dc75ac52e7559e6
Ubuntu Security Notice USN-5804-1
Posted Jan 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5804-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | eaaf2b382821a29f0cd1289ad47e022031258f5e6b7b5ad1a6f618862dfb5a67
Red Hat Security Advisory 2023-0163-01
Posted Jan 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-46364
SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f
Red Hat Security Advisory 2023-0163-01
Posted Jan 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0163-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-46364
SHA-256 | d55d12dfc8660dd2ed19af26307d3d77442e78e3c73a603fb139af29c4a6822f
libCoreEntitlements CEContextQuery Arbitrary Entitlement Returns
Posted Jan 13, 2023
Authored by Ivan Fratric, Google Security Research

On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.

tags | exploit, kernel
systems | apple, ios
advisories | CVE-2022-42855
SHA-256 | 9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Ubuntu Security Notice USN-5803-1
Posted Jan 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5803-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-4378, CVE-2022-45934
SHA-256 | 4a901d23fe04ca230ee9b786ae58b58154f66077be0ff2e81efffbae06b991af
WebKit CSSCrossfadeValue::crossfadeChanged Use-After-Free
Posted Jan 13, 2023
Authored by Google Security Research, Maddie Stone

WebKit suffers from a RenderMathMLToken use-after-free vulnerability in CSSCrossfadeValue::crossfadeChanged.

tags | exploit
SHA-256 | 2b3fca29e24705325c2e8f69792ec1fc6a23682a01cfd1f0ecc2b118ac3f4ef8
Ubuntu Security Notice USN-5801-1
Posted Jan 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5801-1 - It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 It was discovered that Vim makes illegal memory calls when making certain retab calls. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-0392, CVE-2022-0417
SHA-256 | 0318c9712fe56a1f8810700373a5c02513327d9045680846c9b5c3c5db26f51d
Academy LMS 5.11 Cross Site Scripting
Posted Jan 13, 2023
Authored by CraCkEr

Academy LMS version 5.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c4267c2d2313ed4c29b4190bebb424eb41532d3688641f03004ad2b8be81c60e
Ubuntu Security Notice USN-5802-1
Posted Jan 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5802-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | 34428fdea7c82ae5cc1b2570fe09a946f45222b5e8de50755c8c2bd32c0ca4ff
Red Hat Security Advisory 2023-0164-01
Posted Jan 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0164-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a server-side request forgery vulnerability.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2022-46364
SHA-256 | 616521c388a566f932319b081aa87e65cb569e58ad0c35329e4380e9a0b8cb49
Red Hat Security Advisory 2023-0017-01
Posted Jan 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0017-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.56. Issues addressed include bypass, cross site request forgery, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2022-2048, CVE-2022-29047, CVE-2022-30945, CVE-2022-30946, CVE-2022-30948, CVE-2022-30952, CVE-2022-30953, CVE-2022-30954, CVE-2022-34174, CVE-2022-34176, CVE-2022-34177, CVE-2022-36881, CVE-2022-36882, CVE-2022-36883
SHA-256 | 100324dc37a3b8c6880e383212a38c4af09adce1dd885bc1832da298b091d2f2
ChiKoi New-MVC-SHOP 1.0 Cross Site Scripting
Posted Jan 13, 2023
Authored by CraCkEr

ChiKoi New-MVC-SHOP version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37112a998d09fcfdfdd50638e993ccb4c2969bb383bcb0b8fef8240635bb739c
Ubuntu Security Notice USN-5800-1
Posted Jan 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5800-1 - It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-44758, CVE-2022-3437, CVE-2022-42898, CVE-2022-44640
SHA-256 | b0e2703f42318fc7c0a4e60c767ce87190f7c37446b669112673f0af14942855
Red Hat Security Advisory 2023-0160-01
Posted Jan 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0160-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2625
SHA-256 | 47d220474f8300a3da56a595f0c7f3a38eeafb61aafcd5d30a192d4aadc00437
WordPress Slider Revolution 4.x.x Shell Upload
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin versions 4.x.x suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 91ad27d5b8aae997e047295a60a4b87610223abd915335d38e21feaee0c21334
WordPress Slider Revolution 4.9.2 Directory Traversal
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin version 4.9.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | b974aee33a66e29925be0ab29843b305b114f9a63e635ad75ca2c10d50af3474
WordPress Slider Revolution 4.6.5 Directory Traversal
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin version 4.6.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | c0ad551826885e99515a7f31a6660bf3f6f546a33382b918ec3a80f8f2c57bbc
WordPress Slider Revolution 4.1.3 Directory Traversal
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin version 4.1.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 83b023ff748b63a814933d6674398e32e4fb2ba5c520cc7997e01b2a23da875c
WordPress Slider Revolution 4.1.2 Directory Traversal
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin version 4.1.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | d3b71e6cca26b526cd8c1ef3f9be1a645c838d5b2349fa4c8be240892908d108
WordPress Slider Revolution 3.0.8 Directory Traversal
Posted Jan 13, 2023
Authored by indoushka

WordPress Slider Revolution plugin version 3.0.8 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 129c075ad285b288723e5f16312e3c90c87bccd10a3436f09ab9fdb5cfb03d53
WordPress Profile Builder 3.0.5 SQL Injection
Posted Jan 13, 2023
Authored by indoushka

WordPress Profile Builder plugin version 3.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dd2a00364eee556c9e3981aef19bd8de262365e971b4b9c66b65ec44ec825637
Global Education And Technoworld 4.1 Backup Disclosure
Posted Jan 13, 2023
Authored by indoushka

Global Education and Technoworld version 4.1 suffers from an unauthorized backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | d72fb877f183ce52a7f5cc803d31f26d95d704adfccefbb0b43ecf296a359ca9
Laravel 9.47.0 Information Disclosure
Posted Jan 13, 2023
Authored by indoushka

Laravel versions 1.0 to 9.47.0 suffer from database disclosure and information leakage vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 111b6533007bb0d30833a8fec10c414266b1f7095e1f6e0aecfa7bb54a3e2319
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close